Trustworthy AI Page 1 64 COMMUNICATIONS OF THE ACM | OCTOBER 2021 | VOL. 64 | NO.
10 review articles DOI:10.1145/3448248 The pursuit of responsible AI raises the ante on both …

Interaction trees (ITrees) are a general-purpose data structure for representing the behaviors
of recursive programs that interact with their environments. A coinductive variant of “free …

The interfaces between layers of a system are susceptible to bugs if developers of adjacent
layers proceed under subtly different assumptions. Formal verification of two layers against …

This paper introduces Perennial, a framework for verifying concurrent, crash-safe systems.
Perennial extends the Iris concurrency framework with three techniques to enable crash …

This paper presents a novel formal semantics, mechanized in Coq, for a large, sequential
subset of the LLVM IR. In contrast to previous approaches, which use relationally-specified …

Transactional objects combine the performance of classical concurrent objects with the high-
level programmability of transactional memory. However, verifying the correctness of …

We present verification of a bare-metal server built using diverse implementation techniques
and languages against a whole-system input-output specification in terms of machine code …

We present a networked key-value server, implemented in C and formally verified in Coq.
The server interacts with clients using a subset of the HTTP/1.1 protocol and is specified and …

Lighthouse projects like CompCert, seL4, IronFleet, and DeepSpec have demonstrated that
full system verification is feasible by establishing a refinement between an abstract system …

We present a foundationally verified implementation of a reliable communication library for
asynchronous client-server communication, and a stack of formally verified components on …